libdigidocpp
|
#include <SignatureTM.h>
Public Member Functions | |
SignatureTM (unsigned int id, const BDoc &_bdoc) | |
SignatureTM (const std::string &path, const BDoc &_bdoc) throw (SignatureException) | |
virtual | ~SignatureTM () |
virtual std::string | getMediaType () const |
std::vector< unsigned char > | getNonce () const |
X509Cert | getOCSPCertificate () const |
std::string | getProducedAt () const |
std::string | getResponderID () const |
void | getRevocationOCSPRef (std::vector< unsigned char > &data, std::string &digestMethodUri) const throw (SignatureException) |
virtual void | validateOffline () const throw (SignatureException) |
![]() | |
SignatureBES (unsigned int id, const BDoc &bdoc) | |
SignatureBES (const std::string &path, const BDoc &bdoc) throw (SignatureException) | |
virtual | ~SignatureBES () |
std::vector< std::string > | referenceDigestMethods () const |
virtual CertStatus | validateOnline () const throw (SignatureException) |
![]() | |
virtual | ~Signature () |
std::string | saveToXml () throw (IOException) |
std::string | getId () const |
SignatureProductionPlace | getProductionPlace () const |
SignerRole | getSignerRole () const |
std::string | getSigningTime () const |
X509Cert | getSigningCertificate () const throw (SignatureException) |
std::string | getSignatureMethod () const |
Static Public Attributes | |
static const std::string | MEDIA_TYPE = "signature/bdoc-1.0/TM" |
![]() | |
static const std::string | MEDIA_TYPE = "signature/bdoc-1.0/BES" |
Protected Member Functions | |
virtual void | sign (Signer *signer) throw (SignatureException, SignException) |
void | notarize () throw (SignatureException, SignException) |
void | addCertificateValue (const std::string &certId, const X509Cert &x509) |
![]() | |
std::vector< unsigned char > | prepareSignedInfo (Signer *singer) throw (SignatureException, SignException) |
![]() | |
Signature (unsigned int id) | |
Signature (const std::string &path) throw (SignatureException) | |
void | addReference (const std::string &uri, const std::string &digestUri, const std::vector< unsigned char > &digestValue, const std::string &type="") throw (SignatureException) |
void | setSigningCertificate (const X509Cert &cert) |
void | setSignatureProductionPlace (const SignatureProductionPlace &signatureProductionPlace) |
void | setSignerRole (const SignerRole &signerRole) |
void | setSigningTime (const xml_schema::DateTime &signingTime) |
std::vector< unsigned char > | getSignatureValue () const |
void | setSignatureValue (Signer::Signature signatureValue) |
xades::SignedSignaturePropertiesType & | getSignedSignatureProperties () const throw (SignatureException) |
dsig::X509DataType::X509CertificateType & | getSigningX509CertificateType () const throw (SignatureException) |
std::vector< unsigned char > | calcDigestOnNode (Digest *calc, const std::string &ns, const std::string &tagName) const throw (SignatureException) |
Private Member Functions | |
void | createTMProperties () |
void | setOCSPCertificate (const X509Cert &x509) |
void | setCACertificate (const X509Cert &x509) |
void | setOCSPResponseValue (const std::vector< unsigned char > &data) |
void | setCompleteRevocationRefs (const std::string &responderName, const std::string &digestMethodUri, const std::vector< unsigned char > &ocspResponseHash, const struct tm &producedAt) |
std::vector< unsigned char > | getOCSPResponseValue () const |
xades::UnsignedPropertiesType::UnsignedSignaturePropertiesOptional & | unsignedSignatureProperties () const throw (SignatureException) |
Additional Inherited Members | |
![]() | |
enum | CertStatus { GOOD, REVOKED, UNKNOWN } |
![]() | |
const BDoc & | bdoc |
![]() | |
static const std::string | XADES_NAMESPACE = "http://uri.etsi.org/01903/v1.3.2#" |
Definition at line 28 of file SignatureTM.h.
Definition at line 34 of file SignatureTM.cpp.
digidoc::SignatureTM::SignatureTM | ( | const std::string & | path, |
const BDoc & | _bdoc | ||
) | throw (SignatureException) |
Definition at line 39 of file SignatureTM.cpp.
|
virtual |
Definition at line 44 of file SignatureTM.cpp.
|
protected |
Add certificate under CertificateValues element
certId | id attribute of EncapsulatedX509Certificate |
x509 | value of EncapsulatedX509Certificate |
Definition at line 448 of file SignatureTM.cpp.
References DEBUG, digidoc::X509Cert::encodeDER(), digidoc::X509Cert::getSerial(), and digidoc::X509Cert::getSubjectName().
|
private |
Add elements required by TM profile
Definition at line 351 of file SignatureTM.cpp.
|
virtual |
Reimplemented from digidoc::SignatureBES.
Definition at line 51 of file SignatureTM.cpp.
std::vector< unsigned char > digidoc::SignatureTM::getNonce | ( | ) | const |
Definition at line 59 of file SignatureTM.cpp.
References digidoc::OCSP::getNonce().
digidoc::X509Cert digidoc::SignatureTM::getOCSPCertificate | ( | ) | const |
Definition at line 67 of file SignatureTM.cpp.
|
private |
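Get the value of the UnsignedProperties element that contains the whole OCSP response.
data | will contain the DER-encoded OCSP response bytes (the declaration listed above takes no parameters, so these bytes are presumably the return value) |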
Definition at line 485 of file SignatureTM.cpp.
std::string digidoc::SignatureTM::getProducedAt | ( | ) | const |
Definition at line 91 of file SignatureTM.cpp.
References digidoc::OCSP::getProducedAt(), digidoc::util::date::makeDateTime(), and digidoc::util::date::xsd2string().
std::string digidoc::SignatureTM::getResponderID | ( | ) | const |
Definition at line 104 of file SignatureTM.cpp.
void digidoc::SignatureTM::getRevocationOCSPRef | ( | std::vector< unsigned char > & | data, |
std::string & | digestMethodUri | ||
) | const throw (SignatureException) |
Get value of UnsignedProperties which contains hash of OCSP server response.
data | Binary value of UnsignedProperties. Hash of DER encoded OCSP response |
digestMethodUri | Digest method used for calculating hash of OCSP response |
SignatureException | on error in references |
Definition at line 507 of file SignatureTM.cpp.
References THROW_SIGNATUREEXCEPTION.
|
protected |
SignatureException |
Definition at line 237 of file SignatureTM.cpp.
References digidoc::Conf::OCSPConf::cert, digidoc::Exception::CertificateRevoked, digidoc::Exception::CertificateUnknown, digidoc::OCSP::checkCert(), DEBUG, DEBUGMEM, e, ERR, digidoc::X509CertStore::getCert(), digidoc::Digest::getDigest(), digidoc::X509CertStore::getInstance(), digidoc::Conf::getInstance(), digidoc::X509Cert::getIssuerName(), digidoc::Conf::getOCSP(), digidoc::Digest::getUri(), digidoc::OCSP::GOOD, digidoc::Conf::OCSPConf::issuer, digidoc::Exception::OCSPResponderMissing, digidoc::OCSP::REVOKED, digidoc::Exception::setCode(), digidoc::OCSP::setMaxAge(), digidoc::OCSP::setOCSPCerts(), digidoc::OCSP::setSkew(), digidoc::OCSP::setUrl(), STACK_OF(), THROW_SIGNATUREEXCEPTION, THROW_SIGNATUREEXCEPTION_CAUSE, digidoc::OCSP::UNKNOWN, digidoc::Digest::update(), and digidoc::Conf::OCSPConf::url.
|
private |
Definition at line 438 of file SignatureTM.cpp.
|
private |
Create the CompleteRevocationRefs element that describes the communication with the OCSP responder.
responderName | OCSP responder name as represented in the responder's certificate, formatted per RFC 2253 |
digestMethodUri | digest method URI that was used for calculating ocspResponseHash |
ocspResponseHash | Digest of the DER-encoded OCSP response |
producedAt | producedAt field of the OCSP response |
Definition at line 372 of file SignatureTM.cpp.
References digidoc::util::date::makeDateTime(), and value.
|
private |
Set the OCSP responder certificate.
x509 | certificate that was used to identify the OCSP responder |
Definition at line 406 of file SignatureTM.cpp.
References DEBUG, digidoc::X509Cert::encodeDER(), digidoc::Digest::getDigest(), digidoc::X509Cert::getIssuerName(), digidoc::X509Cert::getSerial(), digidoc::Digest::getSize(), digidoc::Digest::getUri(), and digidoc::Digest::update().
|
private |
Fill RevocationValues element
data | OCSP response in DER encoding |
Definition at line 464 of file SignatureTM.cpp.
|
protectedvirtual |
signer |
SignatureException |
Reimplemented from digidoc::SignatureBES.
Definition at line 224 of file SignatureTM.cpp.
References DEBUG, and digidoc::SignatureBES::sign().
|
private |
Definition at line 543 of file SignatureTM.cpp.
References THROW_SIGNATUREEXCEPTION.
|
virtual |
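Do TM offline validations. Judging by the references listed below, this includes the SignatureBES::validateOffline() checks plus verification of an OCSP response (OCSP::verifyResponse()) with responder certificates supplied through OCSP::setOCSPCerts() and a certificate store. It also references OCSP::getNonce() and the Digest class, presumably to tie the response nonce to this signature; confirm the exact checks in SignatureTM.cpp.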
SignatureException | if signature is not valid |
Reimplemented from digidoc::SignatureBES.
Definition at line 120 of file SignatureTM.cpp.
References digidoc::Conf::OCSPConf::cert, DEBUG, DEBUGMEM, e, digidoc::Digest::getDigest(), digidoc::X509CertStore::getInstance(), digidoc::Conf::getInstance(), digidoc::OCSP::getNonce(), digidoc::Conf::getOCSP(), digidoc::Conf::OCSPConf::issuer, digidoc::util::date::makeDateTime(), digidoc::Exception::OCSPCertMissing, digidoc::Exception::OCSPResponderMissing, digidoc::OCSP::setCertStore(), digidoc::Exception::setCode(), digidoc::OCSP::setOCSPCerts(), STACK_OF(), THROW_SIGNATUREEXCEPTION, THROW_SIGNATUREEXCEPTION_CAUSE, digidoc::Digest::update(), digidoc::Conf::OCSPConf::url, digidoc::SignatureBES::validateOffline(), and digidoc::OCSP::verifyResponse().
|
static |
TM profile signature media type.
Definition at line 42 of file SignatureTM.h.
Referenced by digidoc::BDoc::parseManifestAndLoadFiles().